KSC Free shows warning, with Brave browser and swisscows search engine, "Access denied, Malicious website"

[Beacon_of_hope]

 

Hi,

I have Kaspersky Security Cloud free version 21.2.16.590 (b) and Brave browser. In Brave browser I use Swisscows.com, it is Swiss well respected privacy search engine. Almost every time when I search something I get this pop up from Kaspersky:

 

and when I click on it I get this: 

Swisscows should be trusted site, why is this happening? On other pages it works fine, no pop ups.

[Flood and Flood's wife]

Hello @Beacon_of_hope,

Welcome!

1. Brave is not listed as a supported browser.
2. In the last 2 weeks there’s been at least 4 other cases with the gdprvalidate.de detection - see topics at the end of our reply
3. We’ve replicated the issue. 
4. We tested in Chrome, Edge & Brave (even tho it’s not supported), with all extensions & addons disabled. 
5. We’ve submitted a case & will update (your topic) when the Kaspersky Technical Team respond

 

• Please also note the advice from @Schulte, in topic: Bösartige Link-Nachricht

The gdpr... domain appears to belong to an adware, some of which is referred to as CacheFlow.

It nests as a browser add-on, manipulates search results and probably also runs clicks on advertisements in the background.

As a first measure, all add-ons should be checked.
Especially suspicious is everything that has to do with Instagram down or upload, other video downloaders are also used as camouflage.

Please disable all add-ons in the browser, then restart the browser. 

• & as a general resource, please read Kaspersky notification of detection, file or website detected topic, raised by @richbuff 

Thank you🙏

Flood🐳 +🐋

Additional topics: 

Avvisi continui collegamento malevolo

Access Denied Malicious website-xf.gdprvalidate.de in Edge

Access Denied Malicious website-xf.gdprvalidate.de in Firefox Windows 10

[Beacon_of_hope]

Ok, thank you very much, good to know you are aware of problem😃  In Brave browser I have add-on Emsisoft browser security (tryed disabling, problem remains ), I know that Kaspersky doesn’t fully support Brave so I use that add-on as additional protection. I also replicated problem in Firefox (didn’t install there Emsisoft add-on), but judging with link you provided you already know that.

Waiting for Kaspersky Technical Team response 🙂

 

 

[Danila T.]

Hello,

This URL is associated with a malicious browser extension.

[harlan4096]

Also, it seems the system probably has some kind of PUP/PUA/Adware which triggering those malicious URL accesses…

 

I would run a tool such as AdwCleaner to check...

[Flood and Flood's wife]

Waiting for Kaspersky Technical Team response 🙂

Hello @Beacon_of_hope, 
You’re very welcome☺ !

SC is a search engine (offered as Google alternative), however, see reply from Kaspersky virus experts: 

 

SC have not responded to our communications alerting them to the issue. 

Thank you🙏

Flood🐳 +🐋

[Flood and Flood's wife]

Also, it seems the system probably has some kind of PUP/PUA/Adware which triggering those malicious URL accesses… I would run a tool such as AdwCleaner to check...

Hello @harlan4096, 

Thanks for the advice, our systems are clean, the (test) detections are as a result of the embedded links used by SC.  

 

Thank you🙏

Flood🐳 +🐋

[Beacon_of_hope]

Hello,

This URL is associated with a malicious browser extension.

Also, it seems the system probably has some kind of PUP/PUA/Adware which triggering those malicious URL accesses…

 

I would run a tool such as AdwCleaner to check...

I scanned my system with KC free and I have passive free scanners Malwarebytes and SuperAntiSpyware, everything is clean. If Kaspersky team is able to replicate the problem then I am sure that it is not my PC.

 

Thanks for the advice, our systems are clean, the (test) detections are as a result of the embedded links used by SC.  

Thank you🙏

Flood🐳 +🐋

So Swisscows is the problem, I must wait for them to fix it? Until than better to use some other google alternative? I will also try to get in touch with them to explain them situation.

What did you mean by that picture from Kaspersky virus experts:

“You are required to please, remove the link”

 

[Flood and Flood's wife]

So Swisscows is the problem, I must wait for them to fix it? Until then better to use some other google alternative? I will also try to get in touch with them to explain them situation.

What did you mean by that picture from Kaspersky virus experts: “You are required to please, remove the link”

Hello @Beacon_of_hope, 

(ioo) do not use swisscows until they’ve fixed the issue.

The Kaspersky person who wrote “You are required to please, remove the link”, made a small mistake; it should say, “to fix the problem, they are required to please remove the link”, then the actual link as it is in the email we received.

Thank you🙏

Flood🐳 +🐋

[Beacon_of_hope]

Ok, if they don’t fix it soon I will use some other search engine. Thanks for answer 😎

 

[Beacon_of_hope]

I think they fixed it, I tried today to search in Swisscows more than 15 times in Brave and 10 in Firefox and I didn’t get this message. I will still test it but I am 95% sure it is fixed😁

[Flood and Flood's wife]

I think they fixed it!

Hello @Beacon_of_hope, 

Yes indeed, it is fixed, Kaspersky finally removed *logo.gdprvalidate.de* from their blocklists

 

Thank you🙏

Flood🐳 +🐋